How to Install and Configure MinIO Object Storage on RHEL 7

MinIO is a high-performance, S3-compatible object storage server written in Go. It can run as a single-node server or in distributed mode across multiple nodes, making it suitable for everything from development environments to production-grade data lakes. Because MinIO ships as a single static binary, installation on RHEL 7 requires no special repositories — just a download, a systemd service file, and appropriate directory permissions. This tutorial walks through installing MinIO, configuring it as a systemd service, accessing the web console, and performing basic operations with the MinIO Client (mc).

Prerequisites

  • RHEL 7 server with root or sudo access
  • At least 1 GB of free disk space for the data directory (more for real workloads)
  • Ports 9000/tcp (API) and 9001/tcp (web console) open in the firewall
  • Internet access from the server, or the MinIO binary downloaded externally and transferred
  • A dedicated user account for running the MinIO process (recommended)

Step 1: Download the MinIO Binary

MinIO provides a static Linux binary. Download the latest stable release from the official MinIO download server:

curl -Lo /usr/local/bin/minio 
  https://dl.min.io/server/minio/release/linux-amd64/minio
chmod +x /usr/local/bin/minio
minio --version

You should see output similar to:

minio version RELEASE.2024-01-xx (commit-id) (go1.21)

Step 2: Create a Dedicated System User and Data Directory

Running MinIO as root is strongly discouraged. Create a service account with no login shell:

useradd -r -s /sbin/nologin minio-user

Create the data directory where objects will be stored and assign ownership:

mkdir -p /data/minio
chown -R minio-user:minio-user /data/minio
chmod 750 /data/minio

Step 3: Create the MinIO Environment File

The systemd service unit reads MinIO configuration from /etc/default/minio. Create this file with your root credentials and the data volume path:

cat > /etc/default/minio <<'EOF'
# Volume(s) that MinIO uses for storage
MINIO_VOLUMES="/data/minio"

# Root credentials — change these to strong values
MINIO_ROOT_USER="minioadmin"
MINIO_ROOT_PASSWORD="ChangeMe_S3cure!2026"

# Optional: bind address (defaults to all interfaces on port 9000)
MINIO_OPTS="--console-address :9001"
EOF
chmod 640 /etc/default/minio
chown root:minio-user /etc/default/minio

Security note: The credentials file should never be world-readable. The chmod 640 and group ownership above ensure only root and the minio-user service account can read it.

Step 4: Create the systemd Service Unit

Create the service file at /etc/systemd/system/minio.service:

cat > /etc/systemd/system/minio.service <<'EOF'
[Unit]
Description=MinIO Object Storage
Documentation=https://docs.min.io
Wants=network-online.target
After=network-online.target
AssertFileIsExecutable=/usr/local/bin/minio

[Service]
WorkingDirectory=/usr/local/

User=minio-user
Group=minio-user
ProtectProc=invisible

EnvironmentFile=-/etc/default/minio
ExecStartPre=/bin/bash -c "if [ -z "${MINIO_VOLUMES}" ]; then echo "Variable MINIO_VOLUMES not set in /etc/default/minio"; exit 1; fi"
ExecStart=/usr/local/bin/minio server $MINIO_OPTS $MINIO_VOLUMES

# Let systemd restart this service on failure
Restart=always
RestartSec=5s

# Specifies the maximum file descriptor number that can be opened by this process
LimitNOFILE=65536

# Specifies the maximum number of threads this process can create
TasksMax=infinity

# Disable timeout logic and wait until process is stopped
TimeoutStopSec=infinity
SendSIGKILL=no

[Install]
WantedBy=multi-user.target
EOF

Step 5: Enable and Start MinIO

systemctl daemon-reload
systemctl enable minio
systemctl start minio
systemctl status minio

Watch the journal for any startup errors:

journalctl -u minio -n 50 --no-pager

Step 6: Open Firewall Ports

firewall-cmd --permanent --add-port=9000/tcp
firewall-cmd --permanent --add-port=9001/tcp
firewall-cmd --reload

Step 7: Access the MinIO Web Console

Open a browser and navigate to:

http://<server-ip>:9001

Log in with the MINIO_ROOT_USER and MINIO_ROOT_PASSWORD values set in /etc/default/minio. From the console you can create buckets, upload objects, manage users, set lifecycle policies, and configure replication.

Step 8: Install the MinIO Client (mc)

The mc command-line client provides S3-compatible operations from the shell:

curl -Lo /usr/local/bin/mc 
  https://dl.min.io/client/mc/release/linux-amd64/mc
chmod +x /usr/local/bin/mc
mc --version

Step 9: Configure an mc Alias

Create a named alias pointing to the local MinIO server:

mc alias set local http://127.0.0.1:9000 minioadmin ChangeMe_S3cure!2026
mc alias ls

Step 10: Perform Bucket and Object Operations

Create a bucket:

mc mb local/mybucket

Upload a file:

echo "Hello MinIO" > /tmp/hello.txt
mc cp /tmp/hello.txt local/mybucket/

List bucket contents:

mc ls local/mybucket

Download an object:

mc cp local/mybucket/hello.txt /tmp/hello-downloaded.txt
cat /tmp/hello-downloaded.txt

Recursively copy a directory:

mc cp --recursive /var/log/httpd/ local/mybucket/httpd-logs/

Set a bucket to public read (optional, for static website hosting):

mc anonymous set download local/mybucket

Step 11: Use the S3-Compatible API

MinIO exposes the same API as Amazon S3. You can use aws-cli, Boto3 (Python), or any S3 SDK by pointing the endpoint at your server:

yum install -y python3-pip
pip3 install awscli boto3

aws configure
# Enter: minioadmin / ChangeMe_S3cure!2026 / us-east-1 / json

aws --endpoint-url http://127.0.0.1:9000 s3 ls
aws --endpoint-url http://127.0.0.1:9000 s3 ls s3://mybucket

Conclusion

MinIO is now installed and running as a systemd-managed service on RHEL 7, providing an S3-compatible object storage endpoint accessible from both a web console and the mc CLI. Because the API is fully compatible with Amazon S3, any application that supports S3 — including backup tools, CI/CD pipelines, and data science frameworks — can use your local MinIO server with only a URL change. For production deployments consider enabling TLS with a certificate in /etc/minio/certs/, configuring distributed mode across multiple nodes for erasure coding and high availability, and integrating with an identity provider for fine-grained IAM policies.